From: Eric Biggers <ebiggers@kernel.org>
To: fstests@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
Subject: [PATCH v3 05/10] generic/572: support non-4K Merkle tree block size
Date: Thu, 29 Dec 2022 15:32:17 -0800 [thread overview]
Message-ID: <20221229233222.119630-6-ebiggers@kernel.org> (raw)
In-Reply-To: <20221229233222.119630-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Update generic/572 to not implicitly assume that the Merkle tree block
size being used is 4096 bytes. Also remove an unused function.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
tests/generic/572 | 21 ++++++---------------
tests/generic/572.out | 10 +++-------
2 files changed, 9 insertions(+), 22 deletions(-)
diff --git a/tests/generic/572 b/tests/generic/572
index cded9ac6..d8071a34 100755
--- a/tests/generic/572
+++ b/tests/generic/572
@@ -9,7 +9,7 @@
# - conditions for enabling verity
# - verity files have correct contents and size
# - can't change contents of verity files, but can change metadata
-# - can retrieve a verity file's measurement via FS_IOC_MEASURE_VERITY
+# - can retrieve a verity file's digest via FS_IOC_MEASURE_VERITY
#
. ./common/preamble
_begin_fstest auto quick verity
@@ -48,15 +48,6 @@ verify_data_readable()
md5sum $file > /dev/null
}
-verify_data_unreadable()
-{
- local file=$1
-
- # try both reading just the first data block, and reading until EOF
- head -c $FSV_BLOCK_SIZE $file 2>&1 >/dev/null | filter_output
- md5sum $file |& filter_output
-}
-
_fsv_scratch_begin_subtest "Enabling verity on file with verity already enabled fails with EEXIST"
_fsv_create_enable_file $fsv_file
echo "(trying again)"
@@ -94,7 +85,7 @@ verify_data_readable $fsv_file
_fsv_scratch_begin_subtest "Enabling verity can be interrupted"
dd if=/dev/zero of=$fsv_file bs=1 count=0 seek=$((1 << 34)) status=none
start_time=$(date +%s)
-$FSVERITY_PROG enable $fsv_file &
+$FSVERITY_PROG enable --block-size=$FSV_BLOCK_SIZE $fsv_file &
sleep 0.5
kill %1
wait
@@ -106,7 +97,7 @@ fi
_fsv_scratch_begin_subtest "Enabling verity on file with verity already being enabled fails with EBUSY"
dd if=/dev/zero of=$fsv_file bs=1 count=0 seek=$((1 << 34)) status=none
start_time=$(date +%s)
-$FSVERITY_PROG enable $fsv_file &
+$FSVERITY_PROG enable --block-size=$FSV_BLOCK_SIZE $fsv_file &
sleep 0.5
_fsv_enable $fsv_file |& filter_output
kill %1
@@ -129,7 +120,7 @@ verify_data_readable $fsv_file
_fsv_scratch_begin_subtest "verity file can be measured"
_fsv_create_enable_file $fsv_file >> $seqres.full
-_fsv_measure $fsv_file
+_fsv_measure $fsv_file | _filter_fsverity_digest
_fsv_scratch_begin_subtest "verity file can be renamed"
_fsv_create_enable_file $fsv_file
@@ -170,8 +161,8 @@ verify_data_readable $fsv_file
# Test files <= 1 block in size. These are a bit of a special case since there
# are no hash blocks; the root hash is calculated directly over the data block.
+_fsv_scratch_begin_subtest "verity on small files"
for size in 1 $((FSV_BLOCK_SIZE - 1)) $FSV_BLOCK_SIZE; do
- _fsv_scratch_begin_subtest "verity on $size-byte file"
head -c $size /dev/urandom > $fsv_orig_file
cp $fsv_orig_file $fsv_file
_fsv_enable $fsv_file
@@ -179,7 +170,7 @@ for size in 1 $((FSV_BLOCK_SIZE - 1)) $FSV_BLOCK_SIZE; do
rm -f $fsv_file
done
-_fsv_scratch_begin_subtest "verity on 100M file (multiple levels in hash tree)"
+_fsv_scratch_begin_subtest "verity on 100MB file (multiple levels in hash tree)"
head -c 100000000 /dev/urandom > $fsv_orig_file
cp $fsv_orig_file $fsv_file
_fsv_enable $fsv_file
diff --git a/tests/generic/572.out b/tests/generic/572.out
index ad381629..d703835b 100644
--- a/tests/generic/572.out
+++ b/tests/generic/572.out
@@ -39,7 +39,7 @@ bash: SCRATCH_MNT/file.fsv: Operation not permitted
# verity file can be read
# verity file can be measured
-sha256:be54121da3877f8852c65136d731784f134c4dd9d95071502e80d7be9f99b263
+sha256:<digest>
# verity file can be renamed
@@ -58,16 +58,12 @@ sha256:be54121da3877f8852c65136d731784f134c4dd9d95071502e80d7be9f99b263
# Trying to measure non-verity file fails with ENODATA
ERROR: FS_IOC_MEASURE_VERITY failed on 'SCRATCH_MNT/file.fsv': No data available
-# verity on 1-byte file
+# verity on small files
Files matched
-
-# verity on 4095-byte file
Files matched
-
-# verity on 4096-byte file
Files matched
-# verity on 100M file (multiple levels in hash tree)
+# verity on 100MB file (multiple levels in hash tree)
Files matched
# verity on sparse file
--
2.39.0
next prev parent reply other threads:[~2022-12-29 23:35 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-29 23:32 [PATCH v3 00/10] xfstests: update verity tests for non-4K block and page size Eric Biggers
2022-12-29 23:32 ` [PATCH v3 01/10] common/verity: add and use _fsv_can_enable() Eric Biggers
2022-12-29 23:32 ` [PATCH v3 02/10] common/verity: set FSV_BLOCK_SIZE to an appropriate value Eric Biggers
2022-12-29 23:32 ` [PATCH v3 03/10] common/verity: use FSV_BLOCK_SIZE by default Eric Biggers
2022-12-29 23:32 ` [PATCH v3 04/10] common/verity: add _filter_fsverity_digest() Eric Biggers
2022-12-29 23:32 ` Eric Biggers [this message]
2022-12-29 23:32 ` [PATCH v3 06/10] generic/573: support non-4K Merkle tree block size Eric Biggers
2022-12-29 23:32 ` [PATCH v3 07/10] generic/577: " Eric Biggers
2022-12-29 23:32 ` [PATCH v3 08/10] generic/574: test multiple Merkle tree block sizes Eric Biggers
2022-12-29 23:32 ` [PATCH v3 09/10] generic/624: " Eric Biggers
2022-12-29 23:32 ` [PATCH v3 10/10] generic/575: test 1K Merkle tree block size Eric Biggers
2023-01-01 13:30 ` [PATCH v3 00/10] xfstests: update verity tests for non-4K block and page size Zorro Lang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221229233222.119630-6-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.